GoAnywhere Services Release Notes

May 23, 2014 - Version 3.5.1

  • Fixed an issue with the Brute-force Attack Monitor with handling failed login attempts for disabled accounts.
  • Fixed an issue with changing Web User passwords that would occur when the password history policy and FIPS 140-2 Compliance are enabled.
  • Enhanced security on pages with sorting.

Apr 14, 2014 - Version 3.5.0

  • Added Single Sign-On support using SAML v2.0. When enabled, GoAnywhere Services can authenticate Web Users using an Identity Provider, such as ADFS, OpenAM, Shibboleth, Salesforce.com, and more.
  • Added Indonesian and Portuguese languages in the Web Client. This is in addition to the currently supported English, Spanish, German, French, and Japanese languages.
  • Added support for custom disclaimers and page titles for each individual language in the Web Client.
  • Added new commands to the GACMD command line interface to modify which files and folders that Web Users and Web User Groups can access. The new commands are: AddVirtualFile, AddVirtualFolder, RemoveVirtualFile, RemoveVirtualFolder, UpdateVirtualFile, and UpdateVirtualFolder. These commands allow you to specify the file or folder path, the alias that the user will see, permissions, and disk quota limits.
  • Upgraded the FIPS 140-2 certified cryptographic libraries from 5.0 to 6.1. The upgraded libraries are certified under the FIPS 140-2 certification numbers 2057 and 2058.
  • Added a View page to Encrypted Folders.
  • Updated the email templates to utilize the new variable syntax which uses a colon (:) instead of a period (.) to access values. For example, ${webUser:name} instead of ${webUser.name}. This change only affects the templates that are shipped with GoAnywhere. Any template that you have modified in /userdata/emailtemplates will not be affected and the old syntax will still work.
  • Removed a hidden input field from the Server Log Viewer page.
  • Fixed an issue with the File Chooser where users could navigate to directories they are not permitted when using the File Manager in restricted mode.
  • Fixed an issue with the File Manager where renaming a file could fail if the user's home directory ends in a slash or contains different case on the folder path.
  • Fixed an issue on the Web Client where English messages would not show up if the JVM is using a different default language.
  • Fixed an issue where deleting contacts from the Secure Mail contact list was not properly closing the connection to the underlying database.
  • Fixed an issue where audit log searching was not closing the connection to the database when an error occurred when performing the search.
  • Fixed an issue with the File Chooser in Trigger actions to properly restrict the selection of files or directories depending on the expected value of the input field.

Feb 20, 2014 - Version 3.4.3

  • Upgraded the embedded Apache Tomcat server from 6.0.35 to 6.0.39
Watch the 3.4 release highlights
GoAnywhere Services 3.4.0 release highlights

January 21, 2014 - Version 3.4.2

  • Enhanced the Secure Mail API for supporting new features added to GoAnywhere Outlook Plugin and the GoAnywhere Android App.
  • Enhanced email templates for Secure Mail notification emails to support new variables.
  • Fixed an issue where the ${package.sender.name} variable was not set properly on emails when using the Global SMTP address as the From Address of Secure Mail notifications.
  • Fixed the GACMD 'updateWebUser' command to prevent a web user's group, IP filter, and HTTPS fingerprint settings from being lost.
  • Fixed an issue where loading the Web Help would cause 404 errors to be logged to the server log.
  • Fixed an issue with the new action icon introduced to the Web Client in 3.4.0 that could cause an OutOfMemoryException in cases where a folder contains thousands of files.
  • Fixed an issue that would occur if a recipient replies to a Secure Mail message before the sending operation finished emailing all recipients of a package.
  • Fixed the LDAP Managed sync process to prevent a Web User's IP filter setting from being lost.

January 1, 2014 - Version 3.4.1

  • Enhanced the sharing of files and folders to allow users to set the Overwrite, Append, and Checksum permissions.
  • Enhanced the Switch Database process for SQL Server to allow the use of Windows Integrated Security.
  • Enhanced LDAP group searching to prevent too many records from being requested at once.
  • Added validation to Secure Mail to prevent Drafts from being sent when the Protection Level specified is no longer allowed.
  • Added validation to prevent Secure Mail from being sent when invitations are required and self-registration is not enabled.
  • Fixed an issue that occurred when downloading files from an Encrypted Folder through SFTP. This issue was only present when GoAnywhere Services was running on an IBM JVM.
  • Fixed an issue that was preventing Chrome from downloading a file from the Basic Web Client when the file name contained a comma.
  • Fixed an issue when composing a message in Secure Mail to properly set the protection level to URL when it is the default.

Dec 10, 2013 - Version 3.4.0

  • Enhanced integration with LDAP and Active Directory (AD) servers by adding a new Login Method that can be used for automatically creating Web User accounts in GoAnywhere Services. The following detailed features are available with this new Login Method:
    • Supports Active Directory (AD), Active Directory Lightweight Directory Services (AD LDS), IBM Tivoli, Oracle Directory Service (ODS), Apache DS and other generic LDAP servers.
    • Synchronization can be enabled to automatically replicate the users in LDAP or AD servers to Web Users in GoAnywhere Services. Any user in LDAP or AD that does not exist in GoAnywhere will be created automatically based on the Web User Template specified. The synchronization occurs at timed intervals and can be executed interactively as needed.
    • Web User accounts can be created automatically when they login for the first time if they supply a valid LDAP or AD user and password. The auto-creation feature can be enabled or disabled per Login Method.
    • When synchronizing or creating Web Users during login, Web User Group membership can be enforced to only allow users from LDAP or AD that are a member of a matching Web User Group in GoAnywhere. This allows you to synchronize just a certain group of users from the LDAP or AD server.
    • Web Users Groups were enhanced to pull in the user group membership based on the users and groups in the LDAP or AD server.
    • When a User or Web User attempts to authenticate, this Login Method will use a trusted service account to query the LDAP or AD server first to lookup details on users and groups.
    • An alternate server can be defined which will be used when the primary server is unavailable for failover purposes.
    • A new Test page was added to verify the connection and settings are correct. Testing is available to all Login Methods and requires a valid user ID and password to be supplied.
  • Secure Mail Enhancements:
    • Added the ability for recipients of a Secure Mail package to reply to the sender. The recipients are not required to have a registered account. When replying, they can attach files and specify an optional message. Replies can be enabled by an administrator on the General tab of the Secure Mail Settings page.
    • Added an Address Book that can be accessed in Secure Mail to select email recipients based on recently used addresses, contacts and groups. Recently used email addresses are automatically saved to the Address Book. Email addresses can be saved as permanent contacts. Groups can be defined and selected as distribution lists of contacts.
    • Added a new Certified Delivery protection level to Secure Mail. This option requires all recipients of a package to be registered users before they can view a package. Any recipient that does not have an account will be invited to self-register. Certified Delivery can be enabled in the Protection Level section on the General tab of the Secure Mail Settings page.
    • Added an Inbox to the Web Client to display received Secure Mail packages. Packages that are sent with the Certified Delivery protection level or packages that were sent as a reply to a message will appear in the Web User's Inbox.
    • Added a new Inbox Removal event to record when the Web User removes a package from their Inbox. This event is stored and can be viewed in the HTTPS audit logs.
    • Added an option in Secure Mail Settings that determines if the password for a Package is sent in the same email or in a separate email for security reasons.
    • Added a new Address Rules tab to the Secure Mail Settings page. The Address Rules allows an administrator to specify the email addresses which Web Users are allowed to send to and receive message from in Secure Mail.
    • Added new settings on the Secure Mail tab of the Log Manager screen to define the maximum retention period for packages that are in active or draft statuses.
  • Web Client Enhancements:
    • Added the ability for the Web Client to be viewed in German, French, Spanish and Japanese languages. The language settings in the Web User's browser are used to automatically determine which language to use.
    • Added the ability for Web Users to share files and folders with other users, if permitted. Sharing can be performed from either the basic or enhanced file manager in the Web Client. Any recipient that does not have an account will receive an invitation to self-register before they can access the shared file or folder. When sharing, the Web User can specify a subset of their permissions to give to the recipient(s). A new "Share" permission was added on Files and Folders in the Folders tab of the Web User, Web User Template, and Web User Groups configuration pages.
    • Added drag-n-drop support in the Enhanced Interface of the Web Client to upload files directly from your operating system (e.g. Windows Explorer) to the Remote Server panel.
    • Enhanced the style of the Activity Report in the Web Client to look more like a report.
    • Enhanced the Failed tab in the Enhanced Interface of the Web Client to prominently indicate when a transfer fails.
    • Enhanced the Quick Download process in the Web Client to automatically download the file after the Web User logs in. The link to manually download the file is still available.
    • Standardized the action icons in the Web Client with a green colored gear icon with a drop-down hover effect.
  • Command Line Enhancements:
    • Created a new command "resetWebUserPassword" that can be executed from GACMD to reset a Web User's password.
    • Created a new command "addSSHKey" that can be executed from GACMD to import keys into the SSH Key Manager. The keys can also be associated to one or more Web Users.
    • Created a new command "removeSSHKey" that can remove the key association from a Web User or delete the key from the SSH Key Manager.
    • Created a new command "updateWebUser" that can be executed from GACMD to edit a Web User's first name, last name, organization, phone number, and email address. This command can also enable and disable Web Users.
  • Added a new System Alerts page under the Administration menu to define email notifications for events. Email alerts can be sent to one or more administrators for the following events:
    • When GoAnywhere is started or shut down
    • When the available memory in GoAnywhere is reaching a minimum value
    • When SSL certificates are about to expire
    • When a GoAnywhere product license key is about to expire
    • When a Trigger fails
  • Added the ability for administrators to specify which Web User profile fields (first name, last name, organization, phone, and email) are required. Administrators can also control which profile fields are available on the Update Profile screen in the Web Client and in Self-Registration. An option is available to enforce the email addresses on Web Users to be unique. These settings are available in the Profile tab of the Web User Settings.
  • Added support for Web User profile fields as variables in subfolders on Web User Templates. Previously these variables were only available on the home directory.
  • Added the ability to define Encrypted Folders to secure data at rest. Uploading files to these folders will automatically encrypt them with 256-bit AES encryption. When downloading from an encrypted folder, the files are decrypted on the fly to the authorized client. These encrypted folders can be accessed from the HTTPS, FTP, FTPS, SFTP, and AS2 services, as well as through the File Manager in the administrator.
  • Added an Invited By attribute to the Registration Successful event that can be used in Trigger actions and conditions.
  • Added an option in the Web User Self-Registration Settings that can force an invited user to reverify their email address during registration. This extra verification helps prevent invitation emails from being forwarded to others.
  • Added a global setting for the Admin Site URL which is used in System Alerts and Web User registration notifications.
  • Enhanced the downloading of files from the Android browser on most Android devices to keep the file name intact.
  • Enhanced Triggers to support SMB Network Shares in actions like Send Email, Move File, and Rename File.
  • Enhanced the Web User login process to attempt authentication only if the account is enabled and has not reached the maximum login attempts.
  • Updated numeric fields in the security section of the administrator to have numeric spinner controls making them more intuitive.
  • Added extra validation to prevent Web Users from renaming files or folders into folders in which they do not have upload or create directory permissions to.
  • Enhanced the navigation to pages from the main menu to always refresh the data on the destination page.
  • Upgraded the SFTP server API to the latest 1.6.3 version.
  • Enhanced email templates used in Secure Mail, System Alerts, and Web User notifications to support expressions.
  • Updated the default settings for the maximum logins and the threads used in FTP, SFTP and GoAnywhere Gateway. These changes only affect new installations.
  • Enhanced the GoAnywhere Services shutdown process to properly close the threads used to monitor bandwidth usage.
  • Enhanced the email patterns in self-registration settings by removing any blank spaces before and after the address(es).
  • Enhanced the thread settings used in SFTP to increase performance.
  • Fixed an issue on the Upload and Attach File popup windows in the Web Client to support international characters in the file name.
  • Fixed an issue where the System Name, Package ID and Recipient Email were not being exported in the HTTPS audit logs.
  • Fixed an issue with the Web User notifications for expiring password where the emails were being sent on the wrong day in some cases.
  • Fixed an issue where the file path was not logged in the HTTPS audit logs when overwriting the file failed.
  • Fixed an issue where the anonymous Web User was being shown in Web User Groups and in Trigger conditions when the user is not enabled.
  • Fixed an issue on the Remote Server panel of the Enhanced Interface to refresh when an empty folder is uploaded.
  • Fixed an issue in the File Chooser popup that prevented special characters in a Network Share resource name from being displayed correctly.
  • Fixed an issue on the advanced tab of the HTTPS audit logs screen that prevented the records from being exported.
  • Fixed an issue with password decryption for Secure Mail where the wrong value could be returned when the previous password was invalid.
  • Fixed an issue in the Delete Web User command for GACMD by marking Secure Mail Packages as inactive for the Web User that was removed.
  • Fixed an issue that prevented a user from self-registering when their token was expired but not yet purged.
  • Fixed an issue where the AS2 setting "Allow Files with No Name" wasn't being stored and retrieved properly.
  • Fixed an issue where the Last Login Date reported in the Web Client was the most recent login instead of the previous login. This issue was introduced in version 3.2.0.
  • Fixed an issue in the Java applet used in the Web Client by adding the permissions attribute to prevent security warnings when loaded using JRE 7 update 25 or higher.

Sep 18, 2013 - Version 3.3.4

  • Fixed an issue with the SFTP server that was not properly terminating sockets in all cases.
  • Fixed potential concurrency issues with shutting down the SFTP server while transfers were active.
  • Fixed an issue with the SCP Upload Successful Event that was not reporting the correct file path information to audit logs and trigger.

Sep 12, 2013 - Version 3.3.3

  • Updated the SFTP server to limit the number of concurrent transfers based on the max logins setting.
  • Fixed a validation issue with disk quota limits for the home directory.

Sep 06, 2013 - Version 3.3.2

  • Added the ability to utilize a web users organization setting as a DN Pattern variable within a Generic LDAP Login Module.
  • Added the ability to accept encrypted passwords from GoAnywhere Command requests.

Aug 13, 2013 - Version 3.3.1

  • Updated the validation check for Max Sessions to apply when a user is authenticated using digital certificates or keys.
  • Fixed an issue with cluster communication that prevented participant systems from notifying the coordinator during brute-force and DoS attack monitoring.
  • Fixed a validation issue on Disk Quota settings for virtual folders.

Jul 17, 2013 - Version 3.3.0

  • Added Disk Quotas to control the amount of storage space that each Web User can utilize. A disk quota can be specified on the Web User's home directory level to limit their overall space. For more granular control, disk quotas can also be specified for individual subfolders belonging to the Web User. Disk quotas will be enforced by GoAnywhere Services for any folders which the Web User has upload, append or overwrite permissions. The disk quota settings can also be indicated for folders under Web User Templates and Web User Groups to simplify the implementation of this new feature.
  • Added Bandwidth Throttling to control the maximum amount of network resources that GoAnywhere Services can consume for file transfer activity, which applies to all protocols (FTP, FTPS, SFTP, HTTPS, AS2 and Secure Mail). Bandwidth throttling is configured in the Global Settings screen, with options to set different limits on file uploads versus download activity. Additionally you can specify just certain days-of-week or times-of-day to apply the bandwidth throttling settings.
  • Added "at rest" encryption to protect the privacy of Secure Mail messages and file attachments as they are stored on the network. When a Secure Mail package is created, the message and any attachments will be automatically encrypted with the strong AES-256 cipher. When a package is accessed from an authorized recipient, GoAnywhere Services will then automatically decrypt the contents; the recipient will need no special software or training to access the information. Secure Mail messages and files will remain encrypted on your network until they are purged.
  • Added Login Time Limits to allow restricting individual Web Users to certain days of the week or certain times of the day. For example, a Web User could be restricted to only be able to log into GoAnywhere Services from 8 AM to 5 PM on Monday through Friday. These settings can be specified on the "Time Limits" tab when adding or editing a Web User.
  • Added the ability for Web Users to view their own audit log records including login activity and file upload/download history. This new screen can be accessed by an authorized Web User by choosing the "View Activity Report" menu option from within the GoAnywhere Services Web Client. An administrator can indicate if a Web User has this permission by selecting the "View Activity Report" checkbox when adding/editing a Web User account. This permission can additionally be specified on Web User Templates and Web User Groups to simplify the implementation of this new feature.
  • Added a new audit log column to track the Virtual Path names that were utilized when Web Users performed folder/file operations (e.g. uploads, downloads, etc.). A Virtual Path is the relative path (or alias) to the folder/file as it appears to a Web User, which is likely different than the true physical path to the folder/file. For instance, a Web User may see the virtual path to a file as "\outbound\orders.csv", but its physical path (as predefined by an administrator) may be something like "C:\documents\users\abccompany\orders.txt". The new Virtual Path audit column can be viewed by authorized administrators within the HTTPS, FTP, FTPS, SFTP and AS2 audit log screens. Authorized Web Users can also see the virtual paths when viewing their own audit activity within the GoAnywhere Services Web Client.
  • Added support for the Clear Command Channel (CCC) command within the FTP and FTPS protocols. A Product Administrator can configure if this command is allowed when setting up FTP/FTPS services in the "Service Manager" function.
  • Added a "Transfer Rate" column to the Active Transfers tab within the Web Client enhanced (applet) interface. This allows a Web User to see how quickly (in bytes-per-second) that each of their file transfers are running.
  • Added a status wheel to visually indicate to the Web User that they should wait (for the system to process) when attaching files to a Secure Mail package and when uploading files through the Web Client basic interface.
  • Added an option on the Audit Log Rules screen to allow an administrator to enable or disable the processing of all audit rules.
  • Added a feature on the Audit Log Rules screen that allows an administrator to test whether certain events will be logged when generated from a specified IP address.
  • Added a default Audit Log Rule that will be shipped with new installations of GoAnywhere Services which will ignore logging of the "Checksum Successful" event since it is typically insignificant for audit purposes. If an administrator wishes, this event can be logged by removing this rule. This affects new installations only.
  • Added extra validation on the Users page to prevent a Security Officer user from deleting their own account.
  • Added a new setting in the HTTPS preferences to indicate whether the Site URL should be used when making connections to GoAnywhere Services from the Java applet within the Web Client.
  • Added an option on the List Web Users page to allow an administrator to export all results (meeting the filter criteria) to an XML file. For instance, you could choose to view all "Active" Web Users, which may span over several pages. The new export feature will allow you to export all of those pages at once.
  • Added a new tab to the configuration page for GoAnywhere Director Resources called "Alternate Systems", which allows you to specify the host names (or IPs) and port numbers of additional systems if GoAnywhere Director is running in a clustered environment. If the primary GoAnywhere Director system is unavailable when a Project is called from a Trigger, those Alternate Systems within the cluster will be tried.
  • Added a new Password Algorithm parameter when importing Web Users, which allows you to specify the hash algorithm that was used to encrypt the passwords. The password algorithm parameter is available when importing Web Users from CSV or XML format, as well as when creating Web Users with the GACMD command line interface. The password algorithm parameter is useful when importing Web User accounts (with hashed passwords) from other 3rd party applications, which will allow those Web Users to continue to use their existing passwords (without having to reset their passwords) in GoAnywhere Services. Supported hash algorithms are MD2, MD5, SHA-1, SHA-256, SHA-384 and SHA-512. Please note that the encrypted passwords should also be base64 encoded.
  • Enhanced the encryption of user passwords by using the SHA-512 hash algorithm, which is applicable to Admin Users and Web Users that use the GoAnywhere Services database for authentication. Passwords for existing user accounts (that authenticate against GoAnywhere Services) will be converted (rehashed) automatically with the SHA-512 encryption algorithm after the users log in.
  • Enhanced the View Database Configuration page to only show the latest configuration section if it differs from the current database configuration.
  • Enhanced the audit log pages for HTTPS, FTP, FTPS, SFTP and AS2 with a new action to view more information (e.g. name, organization, email, phone number, etc.) about the Web User associated to the event.
  • Enhanced the Web User Group configuration page with a new "Members" tab that supports working with over 10,000 Web Users. This new tab allows an administrator to page through all Web Users (using the Next and Previous buttons), with options to add and remove Web Users from a group.
  • Enhanced validation on Resource names to restrict special characters. This validation only occurs when creating new Resources.
  • Enhanced the "News and Tips" section on the Dashboard to be collapsed (by default) if there was a problem loading the news feed in the past. This will prevent additional errors from being recorded in the global log by not continuing to try to connect to the news feed.
  • Enhanced the "News and Tips" section on the dashboard to retrieve the news feed from an HTTPS (not HTTP) source if the GoAnywhere Services administrator was accessed via HTTPS. This will avoid warnings in some browsers about downloading unsecure content.
  • Enhanced the menu bar in the Web Client to hide the File Manager drop-down if only one interface (either enhanced or basic) is enabled.
  • Enhanced several pages in the administrator to wrap text when needed in order to fit horizontally on a page when printing.
  • Enhanced the alignment and positioning of radio buttons and checkboxes on all pages to align better with other input fields.
  • Enhanced the Execute Native Command action on Triggers to close the error stream to help prevent the "Too Many Open Files" error.
  • Enhanced the authentication process for Web Users by verifying their IP address before validating their user ID and password. This prevents extra authentication attempts from unauthorized IP addresses.
  • Fixed an issue in the File Chooser popup where file names with spaces were not being selected properly.
  • Fixed an issue in the File Chooser popup where Network Shares were being wrapped in double quotes when selected.
  • Fixed an issue in the Java applet where the New Folder menu item wasn't available in some cases.
  • Fixed the default sort order on the List Web User page to be ascending on the User Name column.
  • Updated the SFTP server API from version 1.5.2 to 1.6.1.
  • Updated the Bouncy Castle API used for SSL certificate management and in the AS2 service from version 1.38 to 1.48.
  • Updated the JGroups API from version 3.2.3 to 3.3.3.
  • Updated the signature on the Java applet used in the Web Client enhanced interface to be valid for another three years.
  • Enhanced the user interface of the Java applet used in the Web Client to clearly indicate the local file system versus remote file system panels.
  • Fixed an issue in the Java applet used in the Web Client that occurred when changing directories with non-ASCII characters in the directory name.
  • Fixed an issue with the STAT command in the FTP and FTPS services when listing directories.
  • Fixed an issue where the Chrome browser was automatically populating username and password fields on certain pages when the 'Allow Browsers to Save Login Credentials' option is enabled.
  • Updated FTPS service to properly default the data channels to protected when using implicit SSL.
  • Fixed an issue on the Global IP Filters where the Modified By setting was not being updated to the current user.
  • Fixed an issue in the FTP and FTPS services where exceptions were being logged when closing idle connections that don't have data connections.
  • Fixed an issue when running GoAnywhere Services in a clustered environment where updates to the FIPS 140-2 page or to the default template on the List Web User Templates page wasn't being refreshed on other systems in the cluster.
  • Fixed a potential timing issue in the communication protocol used for clustering GoAnywhere Services when acquiring locks.
  • Enhanced validation during startup when running GoAnywhere Services in a clustered environment to prevent more than one system from being Coordinator at the same time due to timing issues.
  • Removed the Force Encrypted Command Channel setting from the implicit FTPS configuration.
  • Removed the logout successful message from the Web Client.
  • Moved the mail.jar and activation.jar files from the /lib directory to the [installdirectory]/tomcat/endorsed directory.
  • Updated the default trusted SSL certificates that are shipped with the product to the most recent certificates. This affects new installations only.
  • Modified the maximum JVM memory allocation from 512 to 1024 MB. This affects new installations only.

Apr 3, 2013 - Version 3.2.1

  • Updated the default content transfer encoding used for verifying AS2 signatures from 7bit to binary.

May 8, 2013 - Version 3.2.0

  • Added support for a new Android application with the following features:
    • Secure Mail messages with attachments can be sent directly from your mobile device.
    • Local files on the device can be opened, renamed, deleted or uploaded to GoAnywhere Services.
    • Remote files that reside on GoAnywhere Services can be downloaded to your device's file system (e.g. SD card).
    • Users are prompted to agree to the disclaimer specified in GoAnywhere Services before they can login.
    • The application can securely remember your credentials to provide seamless access while the application is used over long periods of time.
    • The GoAnywhere Android application is a free download available from the Google Play Store.
  • Added support for a special "anonymous" Web User account, which can be enabled to allow public access to all supported protocols including FTP, FTPS, SFTP, HTTPS and AS2.
    • Only an administrator with the Security Officer role can enable anonymous access. This is configured under the Web User Security Settings page. Anonymous passwords can be allowed to be blank, or can be required to match against a RegEx expression or email syntax. The Security Officer can also indicate if anonymous passwords should be recorded in the audit logs.
    • Once anonymous access is enabled, an administrator with the Web User Manager role is allowed to manage the settings for the anonymous Web User including the allowed protocols, IP filters and authorized folders.
    • For existing installations, the anonymous account will be automatically created during the upgrade process if anonymous access was enabled on the FTP or FTPS services. It will then be removed from the FTP and FTPS service configuration screens.
    • Please note that if the anonymous access is enabled, the anonymous account cannot be promoted, exported or deleted.
  • Added support for consolidating the permissions on files and subfolders between Web Users and Web User Groups if the alias specified is the same. This is the same type of consolidation that occurs now on the Home Directory. A new setting on the Folders tab of the Web User Security Settings page can be used to enable or disable consolidating subfolder permissions. The setting will be disabled during upgrades for backwards compatibility reasons.
  • Added a new setting in the HTTPS preferences to remember the login credentials for the Web Client. This setting is not enabled by default.
  • Allowed the "Checksum Successful" and "Checksum Failed" events to be configured in the Audit Log Rules, which allows you to suppress the logging of these events.
  • Converted the "All Web Users" Web User Group to be a standard group that can be promoted, exported and deleted. Web Users are no longer required to be a member of the "All Web Users" group. For backwards compatibility reasons, all Web User Templates will be updated (when GoAnywhere Services is upgraded) to refer to use this converted "All Web Users" group. This will keep all new Web Users being created to still belong to this group. However, administrative users can now remove this special group if it is not being used.
  • Enhanced the Brute-Force Attack Monitor to only blacklist certain types of login failures. In general, if the user supplies a valid user and password, but fails to login due to any other reason (e.g. maximum sessions), they will not be subject to blacklisting.
  • Updated the Oracle JDBC driver that is shipped with GoAnywhere Services.
  • Enhanced the View Web User Group Details page to show the Created By, Created On, Modified By and Modified On attributes.
  • Enhanced the Log Manager page by splitting the Global Log and Syslog settings into two separate tabs.
  • Enhanced the Execute Native Command action on Triggers to close its open files immediately after execution, instead of waiting for the JRE's garbage collector to close those files. This should help prevent the reported error message of "Too Many Open Files" when the JRE's open file limit is not set high enough on Linux/Unix based operating systems.
  • Fixed an issue where the failed login attempts were not being reset after a successful login using SSH keys or SSL certificates.
  • Fixed an issue with the chart not rendering on the dashboard that occurred in rare situations during navigation with a User account that only contained the Auditor role.
  • Fixed an issue on the Execute Native Command action on Triggers that was preventing the variable popup to show.
  • Fixed an issue on certain pages that offered a rename popup where it didn't render when the file or item being renamed contained an apostrophe.

Feb 8, 2013 - Version 3.1.3

  • Enhanced the AS2 service to allow detached signatures to be verified.
  • Enhanced the AS2 service by forcing the content-type HTTP header to be on a single line in the MDN (receipt) for compatibility with other AS2 clients.

Jan 15, 2013 - Version 3.1.2

  • Upgraded the embedded Apache Derby database from 10.8.2.2 to 10.9.1.0.
  • Fixed an issue that occurred in certain cases while testing SMTP configurations from the Global Settings.
  • Fixed a issue that was keeping audit logs from being logged properly when a file event was generated for the web user root directory.
  • Fixed a potential issue with resolving SMB network files.

Dec 27, 2012 - Version 3.1.1

  • Fixed an issue with secure mail incorrectly redirecting to the login page when accessing a password protected package. This was a side affect of the Apache Tomcat upgrade introduced in 3.1.0.

Dec 17, 2012 - Version 3.1.0

  • Added support for clustering (also known as load balancing or active-active). Clustering allows two or more GoAnywhere Services installations (systems) to provide shared services to a common set of trading partners. This provides greater scalability by allowing workloads to be distributed across multiple GoAnywhere Services systems. To provide high availability (active-active failover), if one of the GoAnywhere Services systems fail, then the remaining GoAnwhere Services systems in the cluster will continue to service the trading partners. The following features have been made available to support clustering in GoAnywhere Services:
    • Set up a new communication channel so all GoAnywhere Service systems within a cluster can keep in constant communication with each other in order to share statuses and other information needed.
    • Two or more GoAnywhere Services systems within a cluster are allowed to connect to the same external database at the same time. This allows these systems to share security settings, trading partner user accounts, configurations, audit logs and other tables.
    • A new configuration file '/config/gaservices.xml' has been added under the GoAnyhwhere Services installation folder that allows you to 1) set a unique System Name (for that installation) in order to identify it within the cluster and 2) enable clustering for that system and 3) configure the IP and Port it will use to communicate with other systems in the cluster. Please note that any changes to gaservices.xml will require a restart of GoAnywhere Services in order for those changes to take effect.
    • The System Name (specified in gaservices.xml) will appear on the GoAnywhere Services console login screen, on the top-right corner of the console screens and any cluster-related screens. This name will also be recorded in audit log records so you know which system was servicing a trading partner's session during each event. The system name is accessible in Triggers using the 'event.systemName' variable.
    • A new Cluster Manager screen was added (located under the Administration menu) to show all GoAnywhere Services systems in the cluster.
    • FTP, FTPS, SFTP and HTTPS/AS2 services can be configured, viewed, started, stopped and restarted for any system in the cluster using any GoAnywhere Services administrator (console).
    • The Active Sessions screen allows administrators to view trading partner sessions (IP address, user name, login date, audit activity) for any system in the cluster. Within this screen, sessions can also be terminated (killed) on any system in the cluster.
    • GoAnywhere Gateway configurations can be viewed, updated, started and stopped from any GoAnywhere Service's console within the cluster.
    • Auto blacklist features for "Denial of Service" and "Brute Force" attacks are cluster-aware. This allows each system (in the cluster) to share security activity with each other to determine when to block attacking IP addresses from the cluster.
    • The "Max Sessions" parameter for a Web User account will limit the total number of that user's sessions for all systems within the cluster. For instance, if the Max Sessions for a Web user is set to 2 and if they are logged into 2 different systems in the cluster, then they will not be able to open any additional sessions in the cluster at that time.
    • The database can be configured or switched from any system's console in the cluster, in which those database changes will be replicated to all systems in the cluster.
    • The "Instance Name" parameter in the Global Settings has been renamed to "Environment". This setting is database driven and is shared with all systems in the cluster. For example, "Production" or "Development" would be typical environment names, whereas "System-A" and "System-B" may be good system names to identify each unique system within the environment.
    • When running in clustered mode, the Global Server Log for each system will be written to a file containing the system name in order to keep each log identified and separated properly. The syntax of the log file will be 'gaservices_[SystemName].log' where [SystemName] is the name defined in the 'gaservices.xml' configuration file. The Global Server Log files for all systems in the cluster will be written to the same logs directory (as defined in the global settings).
    • Please note that all GoAnywhere Services systems in the cluster must be at the same product version, which will be enforced. For instance, you cannot have a GoAnywhere Services system at version 3.1.0 and another system at version 3.2.0 in the same cluster.
    • Refer to the clustering section in the installation guide for more information.
  • Added support for clustering and load balancing within GoAnywhere Gateway. The following features have been made available in GoAnywhere Services to support this capability:
    • A single GoAnywhere Services system can connect to multiple GoAnywhere Gateway installations. If a Gateway installation were to go down, then the GoAnywhere Services system can process sessions from other Gateway installations in the cluster.
    • Within the Gateway Manager Screen (under the Administration menu), a new Load Balancer Rule can be specified for each service mapping. This rule is defined in GoAnywhere Gateway and can be round-robin for FTP, FTPS and SFTP protocols. For HTTPS the Load Balancer Rule is IP based round-robin which routes traffic from certain IP address for a period of time to a single system.
    • The environment and new system name of GoAnywhere Services is passed to the Gateway for logging considerations.
  • Added Audit Log Rules to allow you to turn off the logging of certain commands (events) for specific services and IP addresses. This can be used to minimize disk space by not logging minor events (from trusted sources) like Connect, Disconnect, Checksum and Create Folder Successful requests. The audit log rules are located under the "Logs" menu and can be configured by a Product Administrator.
  • Added options to automatically archive (copy) database audit log records into CSV files before those records are purged (removed) from the database. This allows customers to keep a limited number of database audit records for optimizing product performance, while storing potentially years of audit logs in CSV files for regulatory purposes. The new archive options can be configured in the "Log Manager" screen located under the "Logs" menu.
  • Added a new section on the dashboard to display news and tips. Linoma Software will use this section to notify customers of new releases, helpful techniques and other product related news.
  • Added support to allow a Web User to be associated with multiple SSH keys for authenticating SFTP connections. Prior releases only allowed one SSH key per web user. The SSH keys are now stored in the GoAnywhere Services database and are no longer stored on the file system. During the upgrade process, any existing SSH key files (for the Web Users) will be imported automatically into the database. The SSH Key Manager (located under the "Tools" menu) was enhanced to work with the database-driven SSH keys.
  • Added support for storing GoAnywhere Services backend tables on the Oracle database system (version 10g or higher). The "Switch Database" wizard was enhanced to simplify the migration, which will automatically create the tables and migrate existing data to the Oracle database system.
  • Added the ability to export Web User Groups, which will create an XML file containing all the Web User Group details. To use, select one or more Web User Group and click the "Export" button. This is useful for sharing Web User Group details with other installations of GoAnywhere Services.
  • Added the ability to import Web User Groups from an XML file. To use, select the "Import From XML" menu item from within the Web User Groups list screen.
  • Added the ability to promote Web User Groups between installations of GoAnywhere Services. To use, select one or more Web User Groups and click the "Promote" button.
  • Added a new Log Manager screen located under the "Logs" menu. The log settings (e.g. log directory, retention periods, etc.) for global settings, FTP, FTPS, SFTP, HTTPS, Triggers and Secure Mail services have been moved to this new screen. The Log Manager settings can be configured by a user with the Product Administrator role.
  • Moved the Server Log screen from the Administration menu to the new "Logs" menu. Users with the Auditor role were granted permission to view this screen. Users with Security Officer role no longer have permission to this screen.
  • Moved the Trigger Log and Trigger Log Details pages to the new "Logs" menu. Users with the Auditor role were granted permission to view these pages. Trigger Manager can still view these pages.
  • Added a link on the Trigger Log page on the Event ID column to view the audit log details.
  • Enhanced the Server Log page to allow an administrator (with proper rights) to view any log file located within the Logs Directory. The log file can be simply chosen from a drop-down list.
  • Added a Microsoft Outlook policy screen under the Secure Mail settings that allows specifying the maximum file size of the attachments that can be sent through regular email (versus Secure Mail) when the end-user presses the Outlook Send button. Also added an option to control if Outlook should ask the end-user before sending the email through Secure Mail. These policy settings can be enforced so they cannot be shut off by the end users.
  • Added another search item on the Web User list page to filter by the Web User Groups they belong to.
  • Added a note on the Secure Mail Compose page (within the Web Client) to indicate that recipient email addresses should be comma separated.
  • Added an option on the administrator and HTTPS service to customize the Server Header, which allows users to specify their own response header for security purposes.
  • Enhanced the SFTP service to allow a Product Administrator to customize the welcome message.
  • Enhanced the Web User Reset Password page to disable the option to email the password when the email is not specified on the web user account.
  • Enhanced the audit log pages to sort by event ID (by default) rather than the start time in order to guarantee that records are sorted in the correct order.
  • Enhanced the View Web User File System page to report an error when a home directory folder doesn't exists on the file system.
  • Enhanced the File Chooser popup on Trigger conditions to be able to select Network Shares.
  • Enhanced the File Chooser popup to initially start with the path that was in the field.
  • Upgraded the embedded Apache Tomcat server from 6.0.32 to 6.0.35
  • Enhanced the Trigger cache to be more aware and properly handle concurrent access when users are updating Triggers and they are being checked at the exact same time due to events caused by Web Users.
  • Enhanced the Login Method cache to gracefully handle problems during initial construction.
  • Modified the created by and modified by columns on Triggers to be stored in lowercase to be consistent with other items. The approved by and invited by columns for Web Users have also been updated to store them in lowercase.
  • Removed the database backup and tuning pages when the database is Network Derby. Although automated backups and tuning may have been configured they were never executing when running on Network Derby.
  • Added a JVM argument to the system startup that forces the Solaris JVM to behave like all other operating systems in regards to thread interruption. Omitting this flag was causing sparatic thread failures on Solaris installations. This Solaris specific JVM argument is added to all new and upgraded installs, no manual changes are needed.
  • Modified the database table indexes being used for audit logs.
  • Modified the Command Center to use the character set provided in the request and to return a more appropriate message when required parameters are missing.
  • Modified the show/hide columns on the audit log pages for FTP, FTPS and SFTP to have two columns along with "select all" and "deselect all" features.
  • Modified the Web User list page to properly sort on string values that contained upper and lower case values to work across all databases.
  • Fixed an issue in the audit logs where the file path contained the hard link when soft links were used.
  • Fixed an issue where the IP address, when going through the Gateway, can be misreported as the local IP address of Services on disconnect events.
  • Fixed an issue in the SFTP service by returning a more appropriate response when the Web User doesn't have list permissions.
  • Fixed an issue in Triggers where the 'event.reasonCode' in the IP Blacklisted event could not be part of a Trigger condition.
  • Fixed an issue on the File Manager that allowed somebody to rename a file to a folder that they are not permitted to by using '..' syntax.
  • Fixed an issue on the Global Settings page that was causing the modal panel to create Web User directories to pop up when it wasn't required.
  • Fixed an issue with the Web User imports and promotion where Web Users with an approved by attribute was being improperly validated.
  • Fixed an issue with the Webdocs favorites link in the File Chooser popup when the path was referring to a Network Share.
  • Fixed an issue where the alias for the home directory on Web User Groups was being stored when it is not needed.
  • Fixed a bug where the file extension filter for the web client was being applied to the file manager in the administrator.
  • Fixed an issue where the path for event.user.loginDirectory contained a trailing slash when used in trigger actions (Call Project, Send Email, etc.) when the login directory is a Network Share.

Nov 20, 2012 - Version 3.0.2

  • Fixed an issue where AS/2 audit logs failed to be sorted by Event ID when running on an Apache Derby database.
  • Fixed some encoding issues with file transfers and directory listings in the Enhanced Web Client.
  • Fixed an issue with the download permission check on remote folders that was causing the Download option to be disabled on the right-click menu.
  • Fixed an issue with the 'event.user.loginDirectory' variable that was causing problems when used in a trigger conditioned.
  • Added Pack200 compressed JAR files for the enhanced client. Certain browsers running Java 1.7 were trying to retrieve these files causing multiple 404 errors in the server log.

Oct 2, 2012 - Version 3.0.1

  • Fixed an issue where passive ports for FTP/S were failing to timeout when clients going through GoAnywhere Gateway requested passive data connections but did not use them. This fix requires GoAnywhere Gateway version 1.2.0 or higher.
  • Fixed an issue that was requiring authentication when testing SMTP configurations from the Global Settings.
  • Fixed a potential '500 Internal Server Error' on the Manage Services page. This was caused by the active session count for the FTP and FTPS services becoming inconsistent with the actual number of active sessions.
  • Fixed an issue with file downloads not working when using drag and drop in the Enhanced Web Client. This issue was introduced in version 3.0.0.

August 31, 2012 - Version 3.0.0

Important: Existing customers of GoAnywhere Services should read and understand the following considerations before upgrading to 3.0:

Existing administrative users with the "Trigger Manager" role will be additionally granted the new "Resource Manager" role during the product upgrade process. The Resource Manager role will allow these admin users to manage connections for SMB/CIFS Network Shares and GoAnywhere Director installations.

Web User accounts that are configured to utilize the AS2 protocol will need explicitly defined permissions for the folders which their AS2 documents are uploaded into. Permissions (such as Upload rights) will no longer be assumed for AS2 users. Therefore, after upgrading the product, you should grant permissions to upload files and perform file checksums under the Web User's "Folders" tab. Permissions to create subfolders, overwrite or append to files may also need to be granted, depending on the account settings.

Due to the flexibility of new Virtual Folders feature, the "Create Inbound and Outbound Folders" setting was removed from the global settings in the 3.0 release. If that global setting was enabled in your installation, then the product upgrade process will modify all Web User Templates to create Inbound and Outbound folders (see the new Folders tab in the Templates). Therefore all new Web Users created from those templates will still have Inbound and Outbound folders defined.

It is recommended to no longer use the "Restrict Uploads to Inbound Directory" setting, which was accessible from the preferences screens in the Service Manager. It is still supported in version 3.0 for installations that had this setting enabled, but it will eventually be removed in a future release. With the 3.0 release, it is highly recommended to use the new Virtual Folders permissions if you wish to restrict permissions to Inbound directories.

Enhancements are as follows:
  • Added support for Virtual Folders (and Virtual Files) to allow detailed permissions and multiple data sources for each Web User account. This includes the following features:
    • Added a new "Network Shares" resource to allow access to folders and files on other servers in the network using the SMB/CIFS protocol. Network Shares can be defined with a static user ID and password or can be defined to use the currently logged in user credentials. Most server operating systems support SMB/CIFS including Windows, Linux, AIX, UNIX, Solaris and IBM i.
    • Added the ability to define virtual folders and files at the Web User level using the new "Folders" tab. When defining a folder or file to provide to the Web User, you can specify its alias (name shown to user), path and permissions. The path can be a physical path or can refer to a Network Share.
    • Added the ability to define virtual folders, files and permissions at the Web User Template level. When creating a Web User, the virtual folders/files defined on the template will be applied to the Web User, which can later be modified at the Web User level.
    • Added the ability to define virtual folders, files and permissions at the Web User Group level. A Web User can be assigned to one or more Groups, in which the Web User will adopt those Groups' defined virtual folders and files. Please note that if the Web User has a virtual folder/file defined with the same alias as a Group which they belong to, the Web User's defined virtual folder/file will take precedence.
    • Added a new "Overwrite" permission to indicate if the user can overwrite an existing file. This permission can be specified at the Group, Template and Web User levels.
    • Added a new "Append" permission to indicate if the user can append to the end of an existing file. Append is used when a failed transfer is resumed from the client. The Append permission can be specified at the Group, Template and Web User levels.
    • Virtual folders and files can be defined with a relative path to the Web User's home directory using the variable ${homeDirectory} in the beginning of the path name. Example: "${homeDirectory}/inbound".
    • Removed the global setting named "Create Inbound and Outbound Folders". If this global setting was enabled in your installation, then the product upgrade process will modify all Web User Templates to create Inbound and Outbound folders (see the new Folders tab in the Templates). Therefore any new Web Users created from those templates will still have inbound and outbound folders defined.
    • When a Web User account is saved, GoAnywhere Services will attempt to create the home directory and all relative subfolders for the Web User if those folders do not already exist.
    • Added a new page to view the Web User file system, which will display the consolidated permissions (from the user and its groups) of all files and folders the Web User has access to. This allows Web User Managers to see exactly what the Web User will see when they log into GoAnywhere Services. This new screen is available from the "More Actions..." menu next to a Web User.
    • At the Web User Group level, if defining virtual folders that are relative to the Web User's home directory (using the ${homeDirectory} variable in the path name), a prompt will allow the administrator to automatically create these folders for all Web Users belonging to the group.
    • Virtual folder and file permissions can be quickly turned on and off using the new "select all" and "deselect all" links within the "Folders" tab for templates, groups and web users.
    • If not currently enabled in a prior version, then removed the setting named "Restrict Uploads To Inbound Directory" from the Service Manager preferences pages during the product upgrade process.
  • Added support for allowing Web Users to invite other individuals to use GoAnywhere Services. This includes the following features:
    • Added a new "Send Invitations" permission, which can be enabled on a Web User and Web User Group level.
    • The email addresses (or patterns) which can be invited are managed within the "Web User Self-Registration" screen, which is located under the administrator "Security" menu. In addition to Allow and Deny permissions, a new "Invite Only" permission can be specified for each email pattern.
    • If the Web User is authorized, they will be able to choose the "Invite Users" menu option from within the Web Client. This will allow them to specify the email addresses of the individuals to invite. When submitted, each invited individual will receive an email with a link to register. Please note that new accounts can be placed in a "pending" status until approved by the administrator.
    • The register link on the Web Client login page can be enabled or disabled. This is controlled in the "Web User Self-Registration" screen, which is located under the "Security" menu.
    • A new screen named "Pending Invitations" was created to allow an administrator to view and/or delete any invitations that have not been acted upon yet by the recipients. This screen can be accessed from the "Web Users" list page.
    • For invitations, new columns are available on the Web User list screen which are named "Send Invitations", "Invited By Web User" and Invited On". They can be shown or hidden using the "Show/Hide Columns" link.
  • Added the ability to export Web Users, which will create an XML file containing all the Web User details. To use, select one or more Web Users and click the "Export" button.
  • Added the ability to import Web Users from an XML file. To use, select the "Import Web Users" menu item from within the Web Users list screen.
  • Added the ability to promote Web Users between installations of GoAnywhere Services. This is very useful when you have a development and production environment. To use, select one or more Web Users and click the "Promote" button.
  • Added a new API interface for adding and deleting Web Users from external systems. This API can be called from the command line and scripts using the new GoAnywhere Command named gaCmd (downloadable from the GoAnywhereMFT.com web site). It can also be called from Java programs using method calls. This interface uses the HTTP(S) protocol which provides access from remote systems.
  • Added the ability to export a Trigger, which will create an XML file containing all the Trigger details. To use, select the Export option from the "More Actions..." menu in the Trigger Manager.
  • Added the ability to import a Trigger from an XML file. To use, select the "Import Trigger" menu item from within the Trigger Manager screen.
  • Added a button to the Global "SMTP Settings" tab to allow the administrator to test the SMTP connection details. A successful test will send an email to the recipient specified.
  • Moved GoAnywhere Director connection settings under the new "Resources" menu. All users with the Trigger Manager role will also be granted the new Resource Manager role when GoAnywhere Services is upgraded. This will allow these users to maintain the GoAnywhere Director connections settings, as well as the new Network Share connection settings.
  • Enhanced the AS2 service to utilize the permissions defined on virtual folders. In prior releases, the create subfolders, upload, checksum and other permissions were assumed when AS2 was enabled for a Web User.
  • Enhanced the Disable Account After X Failed Login Attempts on the Web User Security Settings to accept 0 to disable this option.
  • Enhanced the java applet (named "Enhanced Web Client") to allow 1) keystroke searching of files 2) pressing enter to navigate or execute transfers 3) pressing backspace to navigate up a directory and 4) pressing delete to remove the selected files/folders.
  • Enhanced all numeric fields on the Secure Mail Settings page to use spin controls.
  • Enhanced the rename graphic that appears in the File Manager and in the Web Client to make it more intuitive.
  • Fixed an issue where the change password permission specified on the Web User Template was not being applied to a Web User during creation.
  • Fixed an issue in the SFTP service where the full file path was being returned in some cases when an error occurred.
  • Removed support for Web Users to have home directories defined that are relative to the installation directory of GoAnywhere Services.
  • Modified the default Email Verification Grace Period on the Self-Registration Settings to 72 hours. This change will only affect new installations.

July 11, 2012 - Version 2.8.0 Released

  • Created a plugin for Microsoft Outlook 2010 to send Secure Mail. The plugin can be used with GoAnywhere Services 2.8.0 and higher. The following features are available in the plugin:
    • Configuration options are restricted to the Secure Mail Settings defined in GoAnywhere Services.
    • File attachments that normally exceed the allowed attachment size can be sent from Outlook.
    • Messages can be sent using Secure Mail when the regular Send button in Outlook is clicked (based on configuration rules).
    • The progress of uploads can be monitored.
    • Provides a graceful shutdown of Outlook when messages are still being uploaded.
    • A Secure Mail Outbox folder is created which stores all messages that are currently being uploaded to GoAnywhere Services.
    • After messages are submitted to GoAnywhere Services, a receipt is returned and stored in the Outlook Sent Items folder.
    • All activity from the Outlook plugin is logged in the GoAnywhere Services HTTPS audit logs.
  • Added additional columns to the Web User management page and made the columns sortable.
  • Added new configuration options to the administrator allowing HTTP traffic to be automatically redirected to secure HTTPS.
  • Added labels to pick lists to indicate which items are available in the left box and which items are selected in the right box.
  • Added extra validation to Web User creation to validate that an IP filter entry exists when IP filtering is enabled and set to whitelist.
  • Modified the Database Tuning process to be disabled by default for new installations.
  • Enhanced the FTP and FTPS services to immediately terminate all active connections when GoAnywhere Services shuts down.
  • Enhanced several servlets for HTTPS that were not reporting the user name in audit logs when a session for a user times-out during long executing transactions.
  • Fixed an issue on the database backup and tuning pages where the next runtime was not displaying the correct date. This issue only affected the screens as the actual jobs were executing at the correct dates.
  • Fixed an issue where some messages were being reported to the Web Client when Trigger Actions failed to compile during execution.

May 31, 2012 - Version 2.7.3 Released

  • Added a new feature to limit the number of concurrent sessions a Web User can have.
  • Added the ability to promote a Trigger to another GoAnywhere Services installation.
  • Added a new field on the Trigger Manager page that can be used to move Triggers up/down by specifying the position in the list.
  • Enhanced Trigger conditions to allow logical operators (and/or) to be specified per condition and for conditions to be grouped with parentheses.
  • Enhanced FTP and FTPS services to deny anonymous access in the PASS command rather than the USER command. This allows Windows Explorer and other clients to prompt for credentials when anonymous access is not enabled.
  • Added a footer message to the administrator screens to indicate when GoAnywhere Services is running in FIPS 140-2 mode.
  • Enhanced the file and folder rename popup to load the current name. This allows you to quickly modify just a part of the name without typing the whole name in.
  • Enhanced validation on Web User Imports to make sure the user name does not exceed 64 characters.
  • Fixed an issue with the Database Statistics page that occurred when GoAnywhere Services is running on MySQL installed on Linux.
  • Fixed the message shown on the generic error page by removing certain HTML tags that were being shown to the screen.

May 9, 2012 - Version 2.7.2 Released

  • Fixed an issue with passwords expiring when using Active Directory, LDAP or IBM i as the Login Method.

May 1, 2012 - Version 2.7.1 Released

  • Added validation to the FIPS 140-2 Compliance page to ensure proper KeyStore configuration when enabling FIPS Mode.
  • Fixed an issue with the global log file that was preventing log files from rolling when the size threshold was reached.
  • Fixed an issue with importing SSL certificates that contained CRLF end of line characters.
  • Fixed an issue with the FTP/FTPS server configuration where the Key Store Provider was not being applied appropriately.

Apr 19, 2012 - Version 2.7.0 Released

  • Added FIPS 140-2 Compliance Mode, which allows a customer to choose that only FIPS 140-2 approved encryption algorithms (ciphers) should be used for protecting communications over HTTPS, AS2, FTPS, SFTP, SCP, SMTPS, LDAPS and JDBC-over-ssl. FIPS 140-2 compliance mode can only be enabled if it is licensed from Linoma Software.
  • Created an API that can be used to send Secure Mail from external client applications.
  • Upgraded the internal database (Derby) from 10.4.1.3 to 10.8.2.2.
  • Added a Database Statistics page to report the number of rows in each table.
  • Enhanced file name preservation when downloading files. This fixed an issue with IE 9 where spaces were converted to plus symbols and with Safari interpreting file names incorrectly.
  • Enhanced HTTPS service startup to catch and report bind exceptions (port number already in use) to the user.
  • Enhanced service startup error handling and log messages for issues with licensing.
  • Enhanced validation on the Secure Mail Settings page for the maximum downloads and package expiration settings.
  • Fixed an issue with symbolic links not working in SFTP.
  • Fixed an issue with database backup and tuning where the jobs were running one hour off after DST.
  • Fixed an issue on the upload file pop-up in the Web Client to encode all parameters.
  • Fixed an issue where users with only the Secure Mail Manager role were not able to login.
  • Fixed an issue where the Last Modified By and Last Modified On were not updated when a web user manager approved a web user that was pending approval.
  • Fixed an issue with the length of the Last Modified By field in the database that prevented web users with a user name greater than 20 characters from changing their password.
  • Fixed an issue with opening SSH keys that do not contain comments and were missing the standard space after the key block.

Mar 19, 2012 - Version 2.6.1 Released

  • Added encoding to the text rendered on the custom error pages.
  • Fixed column header styling on the Download Package page that wasn't rendering correctly on IE.

Feb 2, 2012 - Version 2.6.0 Released

  • Added a Secure Mail module which allows web users to send ad-hoc messages with file attachments to recipients, which uses a combination of email and secure HTTPS protocol. The following features are available in Secure Mail:
    • No limits on the number of files you can attach to a Secure Mail package.
    • Multiple recipients can be targeted.
    • When messages are sent, each recipient receives an email with a unique link to download the files securely using HTTPS.
    • Users can request a read receipt to be notified when a recipient reads the message.
    • Packages can be set to expire after a given date.
    • Download restrictions can limit the number of times recipients can download files.
    • Detailed audit logs are generated for all Secure Mail activity including when packages are sent, when they are opened and when their files are downloaded.
    • Messages can be saved as drafts for future editing.
    • Inactive packages can be automatically purged to save disk space.
  • Added self-registration for web users. When enabled, the following features are available:
    • Administrators can define which email addresses or domains are allowed to self-register. For example, you could only allow your employees to register with their corporate email addresses. For each registration group, you can specify the template to use to determine the registered user's default permissions, home directory, etc.
    • Self-registered Web Users can be authenticated against an existing Active Directory, LDAP or IBM i system. Otherwise you can choose to have them create a new account and password in GoAnywhere Services.
    • Email notifications can be sent to Web User Managers when a web user registers.
    • Users can be registered into a pending approval status, requiring an administrator to approve them before becoming active.
  • Added the ability to automatically blacklist IP addresses to prevent potential brute-force or denial of service attacks. This is available under the Security menu.
  • Added the ability to notify web users by email when their passwords are about to expire.
  • Added a new security policy to enforce restrictions on web user names, such as a minimum length.
  • Added a new trigger event that is fired when a web user account is disabled due to excessive login failures.
  • Added the ability to search for web users based on their account status. The account status is now displayed as an additional column to easily indicate if they are pending approval, expired, disabled or enabled.
  • Added new configuration options to the HTTPS service allowing HTTP traffic to be automatically redirected to HTTPS.
  • Added the ability to browse projects in GoAnywhere Director when configuring a trigger that calls a project.
  • Added the ability to import multiple certificates from a single input file.
  • Added support for importing of PEM formatted private keys and the associated certificate chain.
  • Added SSL/TLS support when connecting to the SMTP server defined in the global settings.
  • Added the ability to disable the reuse of SMTP connections. This is to work around issues with some Exchange servers when connections timeout.
  • Added a new setting where administrators can define the URL to the HTTPS Web Client. This setting is used when sending out emails that contain a link to the site.
  • Added a new setting in the HTTPS preferences to allow web users to update their profile via the Web Client.
  • Enhanced all email templates to be HTML based. Email templates are now installed in the proddata/emailtemplates folder and will be used unless they are overridden by creating the same template in the userdata/emailtemplates folder. The templates in /proddata will be overridden during upgrades and the templates in /userdata will not be modified.
  • Added a new configuration option to the SFTP service to override the software name and version that is published by the SFTP service.
  • Adjusted the test results pop-up on the Configure Resource page for triggers to only show the stack trace of a failed test when the user clicks the 'Show Stack Trace' link.
  • Fixed compatibility issues with Internet Explorer 9.
  • Fixed a false validation error when the 'Rename Certificate Alias' dialog is canceled.
  • Fixed rendering issues in various service configuration pages when there are long labels in outline tree.
  • Fixed an issue where Connection Timeout changes were not being rendered back to the screen in Admin Server Configuration.
  • Fixed a Null Pointer error that could occur when creating a web user with no password, but the template requires a password.
  • Fixed an issue where web users are unable to change their password when an administrator forces a password change and the password policy has a minimum password age defined.
  • Fixed an issue with installing an SSH key for a web user where the installed file name is not converted to lower case which causes issues on case sensitive file systems (e.g. Linux/Unix).

Dec 6, 2011 - Version 2.5.6 Released

  • Fixed an issue in the HTTPS/AS2 service when a web user's home directory was set to a UNC path. This issue was introduced in version 2.5.3.

Oct 31, 2011 - Version 2.5.5 Released

  • Enhanced the acceptable file extensions filter to allow additional customization in all services.

Oct 3, 2011 - Version 2.5.4 Released

  • Fixed a potential issue with the SFTP service where some connections were failing when an SFTP client starts the key exchange before receiving the version message from the server.
  • Fixed an issue with the SFTP Service were user defined Comments were not being applied properly.

Aug 26, 2011 - Version 2.5.3 Released

  • Enhanced the FTP and FTPS services to allow forcing SSL encryption on the command and data channels.
  • Fixed an issue with the HTTPS Service where the Basic and Enhanced Web Clients were not working properly with symbolic links.

Aug 11, 2011 - Version 2.5.2 Released

  • Fixed an issue where 404 errors were logged to the Server Log when accessing the Web Help.

Aug 4, 2011 - Version 2.5.1 Released

  • Fixed an issue where the idle timeout setting of the SFTP service was not taking effect and was always being set to 5 minutes.
  • Fixed an issue with the SFTP service where the displayed active session count was not accurate when sessions were closed due to inactivity. This was resulting in an internal server error when the Active Sessions page was accessed.
  • Fixed an issue with the AS/2 dashboard statistics where the number of uploads reported was incorrect.
  • Fixed an issue with the FTP/FTPES (Explicit SSL) service where logins were failing with plain (unsecured) FTP if the web user was configured with certificate authentication for FTPES.
  • Updated the MySQL JDBC driver from version 5.0.3 to 5.1.17.

Jul 25, 2011 - Version 2.5.0 Released

  • Implemented the AS/2 service. This separately licensed feature allows your organization to receive messages from your trading partners over the AS/2 protocol. The AS/2 service supports synchronous and asynchronous MDNs (aka receipts). The asynchronous receipts can be sent to an email address or another AS/2 server at your trading partner’s location. Provided configuration settings (accessible from the administration screens) for setting up general AS/2 options, as well as AS/2 settings for each trading partner account.  Also provided detailed audit logs of all AS/2 activity which can be queried and viewed in the administration screens.
  • Added support for storing the GoAnywhere Services database on IBM DB2/400, Microsoft SQL Server, MySQL and Derby (network mode). A migration wizard is provided to allow the migration of the existing data from the embedded Derby database to the external database.
  • Enhanced the FTP/FTPS services to route secondary connections (passive and active data connections) through the GoAnywhere Gateway if the primary (control) connection was originated from the GoAnywhere Gateway.
  • Provided a new screen to allow the "real-time" monitoring of active sessions for each of the services.  For instance, you could view all the users that are logged onto the SFTP service which would show the user name for each session, when they connected and how much data they transferred.  From the monitoring screen, you can also view the audit trail of commands that were issued by the user. This screen includes the ability to terminate (kick) selected sessions.
  • Added the ability to specify a custom banner message for the FTP, FTPS and SFTP Services.
  • Added a new Trigger Action to allow the renaming of files. For instance, after a file is uploaded, a trigger could be defined to rename the file to a different name.
  • Added a new Trigger Action to allow the execution of native commands and scripts.  For instance, after a file is downloaded, a trigger could be defined to call a shell script.
  • Added a new Security Settings screen under the Security menu. This screen allows you to specify the idle session timeout for administrator users, and whether browsers are allowed to save their login credentials.
  • Added a new feature that allows Web Client users to reset a forgotten password from the login page. If the web user has an email address on file, they can be emailed a link which will direct them to a page to specify a new password. This feature can be enabled or disabled by the product administrators.
  • Enhanced the Web Client to allow a custom disclaimer to be displayed on the login page. Administrators can configure whether or not the disclaimer is displayed, the text to display and an optional link to a disclaimer document.
  • Enhanced the Web Client to display a help link which will display the default help document shipped with the product.  The administrator can optionally specify a custom file/URL containing a custom help document for the end users.
  • Added the option to transfer files in ASCII mode when using the Enhanced Web Client. Administrators can define the file name patterns that should be transferred in ASCII mode.
  • Added the ability to resume failed transfers from the Enhanced Web Client.
  • Enhanced the usability of the product screens by storing screen preferences for the admin users. For instance, it will remember the columns that were chosen by a user in the audit log screens, which will then be displayed the next time it is accessed.  As another example, it will remember which statistics the user last viewed on the dashboard.
  • Enhanced the overall styling of the product screens and menus for usability and aesthetics.
  • For security reasons, updated the login process to destroy the old session and create a new session upon successful login.
  • For security reasons, disabled HTTP GET requests for login processing.
  • Implemented custom error pages to display any unexpected errors that occur during request processing.
  • Added a new option to create a pool of SMTP connections that can be shared across by various modules when sending out emails. Administrators have the ability to define the maximum pool size.
  • Added the ability to import SSH Public Keys for Web Users from within the administrator.
  • Added an option in the Global Settings to adjust the Global Log Level.
  • Enhanced the upload process in the HTTPS Service/Web Client to avoid using temporary files. The use of temporary files were causing issues in certain environments.
  • Upgraded the embedded Apache Tomcat server from 6.0.18 to 6.0.32.
  • Removed Groups and Web User Groups from the Quick Links on the Dashboard page and substituted them with Active Sessions and Audit Logs.
  • Standardized the menu item labels on the main menu bar to make them consistent.
  • Removed the Global Log Format setting from the Global Settings.
  • Enhanced the Web User Password Policy to set a limit on the Minimum Age of a password.
  • Enhanced the Web User Password Policy to disallow the reuse of a specific number of previously used passwords.
  • Added a new permission to grant/deny checksum verification for web users. The upgrader will grant this permission to the 'All Web Users' group.
  • Moved the Change Password from being a File Permission to a stand-alone permission.
  • Added a column in the Service Manager page that displays the date and time each Service was started.
  • Combined the User Guide and Support pages into a 'Help Center' page under the 'Help' menu.
  • Removed the Live Help option from the Help -> Support page. The Live Help is still available through the Online Help Center link.
  • Organized various action icons in the Trigger Manager, Web Users and Service Manager pages into a drop-down menu.
  • Added the ability to encrypt the password in the Call Project Action.
  • Updated the Login Method names to be more descriptive.
  • Added the ability to provide direct links to download files from the Web Client.
  • Increased the limit on Acceptable File Extensions for all services to 2000 characters from 512.
  • Fixed an issue where configuration changes made to a service are not taking effect unless GoAnywhere Services is restarted.
  • Fixed an issue where Web Users could not connect to various services through GoAnywhere Gateway when the Web User has a whitelist IP filter.
  • Fixed an issue where the SMTP password in Global Settings was being stored unencrypted.
  • Fixed an issue where Date Input fields were not always working when the Date/Timestamp format in the Global Settings was set to a two digit year.
  • Fixed an issue where some browsers were automatically populating username and password fields in certain pages. This issue was present when the 'Save Password' option was enabled in some browsers.
  • Fixed an issue where Trigger Actions were logging certain errors twice to the Trigger Log.
  • Fixed an issue with using international characters in the trigger/action definition.
  • Fixed a typo in the Enhanced Web Client where the status "Transferring" was misspelled.
  • Fixed an issue in the Services Audit Logs where one could not switch between the Basic and Advanced tabs if no Severity options were selected.
  • Fixed an issue in the Services Audit Logs where if one tried to switch from the Basic tab to the Advanced tab when no Severity options were selected, the error message was not being displayed.
  • Fixed an issue where the Account Created email was sent when a Web User's password was updated.
  • Fixed an issue with the SFTP service where SCP downloads were not completing when the 'Idle Timeout' was reached.

Apr 29, 2011 - Version 2.0.6 Released

  • Enhanced the FTP/FTPS service to allow authentication with digital certificates. Digital Certificate authentication, with or without passwords, can be used for connecting to FTP service in Explicit SSL mode or to the FTPS service (Implicit SSL).

Apr 1, 2011 - Version 2.0.5 Released

  • Fixed an issue with Login Failed Trigger Event to make the web user information available to be used by trigger actions and conditions.

Jan 28, 2011 - Version 2.0.4 Released

  • Added an option to enable SCP support in the SFTP service.

Dec 9, 2010 - Version 2.0.3 Released

  • Fixed an issue with the List Web Users page where the Reset Password option does not get rendered properly when filtering the list of Web Users.

Oct 20, 2010 - Version 2.0.2 Released

  • Fixed an issue with the startup shell script that was failing to set the maximum memory allocated to the JVM on Unix and Linux installs.
  • Fixed an issue where resetting a Web User password was sending an email using the incorrect template.

Sept 20, 2010 - Version 2.0.1 Released

  • Fixed an issue where the SFTP server was showing 'Started' status when the server actually failed to start due to missing JCE policy files.
  • Fixed an issue where audit logs were not recording login failures when the attempted user name has more than 20 characters.
  • Fixed an issue with the background job (to disable inactive web users) running too frequently.
  • Fixed an issue with the Acceptable File Extensions setting in the HTTPS server that was causing the Enhanced Web Client from launching correctly in certain cases.
  • Fixed an incorrect validation with the Web User Imports.

Sept 1, 2010 - Version 2.0.0 Released

  • Added the ability to integrate with GoAnywhere Gateway. This allows GoAnywhere Services to reside in the private network, creating a highly secure file transfer environment. With this configuration, trading partners will be able to transfer files directly to your private network without the need to open any inbound ports on the backend firewall. This feature also includes screens to manage and monitor the connection to GoAnywhere Gateway.
  • Added an Enhanced Web Client. The Enhanced Web Client is a Java applet that allows Web Users to transfer multiple files concurrently, transfer entire folders, monitor the progress of transfers and verify the integrity of completed transfers. The Enhanced Web Client can be enabled or disabled from the HTTPS Service Preferences page.
  • Added support for Web User Templates. Web User Templates provide a method to configure the default account settings when new Web Users are created.
  • Added the ability to import Web Users from a CSV file.
  • Added the ability for Web Users to authenticate against an Active Directory, LDAP server, or System i server, in addition to the internal database. The login method can be configured on a per Web User basis.
  • Enhanced the logging for certain auditable actions such as adding, editing, or deleting Users, Groups, Web Users and Web User Groups.
  • Added the ability to disable Web User accounts after a certain number of inactive days.
  • Added support for a custom Web Client page title. The page title is displayed in the title bar of Internet browser when a Web User accesses the GoAnywhere Services Web Client.
  • Enhanced the Help->About screen to show thread usage.
  • Fixed an issue with the trigger conditions when using the ${event.user.loginDirectory} event attribute.
  • Fixed an issue where Delete Folder events were not being fired when folders were deleted using HTTPS service.

June 17, 2010 - Version 1.3.2 (Patch Release)

  • Made the system accounts "root" and "administrator" editable.
  • Updated the Service Configuration to allow duplicate port numbers on listeners binding to different local addresses.
  • Fixed an issue in the File Manager where, in certain cases after downloading a file, the other navigation and download links on the page stopped working.
  • Fixed an issue in the File Manager where the columns did not align appropriately when used by a user with read only permission.

May 28, 2010 - Version 1.3.1 (Patch Release)

  • Fixed an issue where certain HTTPS configuration options were not taking affect when the HTTPS service was started.

Apr 23, 2010 - Version 1.3.0 Released

  • Added support for filtering connections based on IP addresses. The IP filter can be configured as Black List or White list and supports single IPs, IP ranges, and CIDR notation. The IP filters can be configured globally for all services as well as for each web user.
  • Added a new Connection Rejected event type that can be used to execute a Trigger Action.
  • Added the ability to integrate with Syslog servers. Administrative logs and service audit logs can now be sent to a Syslog server using either UDP or TCP protocols.
  • Added a new action to move a file when a trigger event occurs.
  • Added a new action to delete a file when a trigger event occurs.
  • Added Connect and Disconnect command options for filtering audit logs for the HTTPS service.
  • Renamed Connect event type to Connection Successful.
  • Updated the SSL Certificate Manager to display the subject and issuer of the certificates.
  • Added a new configuration option for setting the maximum number of active threads in the FTP and FTPS services.
  • Updated the Permission options for Web Users and Web User Groups to no longer submit a request each time a checkboxes is selected/deselected.
  • Updated the Key Manager Role description to not include OpenPGP.
  • Relabeled the Global Preferences menu item to Global Settings.
  • Updated the View Trigger screen to include missing attributes for the Call Project action.
  • Fixed an issue with the anonymous login in FTP and FTPS services.
  • Fixed an issue with the SFTP server where the Web User name was not being logged appropriately when a login attempt fails.
  • Fixed an issue where the View Trigger screen was not displaying the correct Services that a trigger was defined for.
  • Fixed an issue in the Trigger Detail Log where remarks longer than 256 characters were causing the logging to fail.
  • Fixed an issue where duplicate trigger names for the same event type were allowed in certain cases.
  • Moved the database configuration settings to config/database.xml.
  • Fixed an issue on the Trigger Manager page where the list was not refreshing in certain cases.
  • Fixed an issue with the SFTP service where the last login date was not being updated when a web user successfully logs in using Public Key authentication.
  • Fixed an issue with the SFTP service related to Public Key authentication and expired accounts.

Feb 12, 2010 - Version 1.2.0 Released

  • Enhanced the Database Maintenance operations such as Backup and Tuning. Database backups can now be scheduled using an Hourly schedule or a Daily schedule. Database Tuning can be scheduled using a Daily or Weekly schedule.

Dec 29, 2009 - Version 1.1.0 Released

  • Added the ability to export certificate chains (PKCS #7 format) in the SSL Certificate Manager.
  • Added the ability to export and import private keys (PKCS #12 format) in the SSL Certificate Manager.
  • Added a new option to FTP and FTPS services to enable/disable site to site transfers when using a passive data connection.
  • Fixed the Audit Log Details screen to include the Web User name.
  • Fixed an issue with SSH Public Key authentication when the public key file name is in a different case than what the Web User has specified at the time of login.
  • Fixed an issue where the active session count was not reset when a service is restarted.
  • Fixed an issue with database backup files not unzipping correctly on UNIX/Linux systems using the system commands.
  • Fixed an issue where the virtual path is incorrect when a web user's home directory is the root of the file system such as / or C:\.
  • Fixed an issue with database backup rentention when the retention period is larger than 25 days.
  • Fixed an issue with some trigger conditions that use physical paths.
  • Fixed the FTP and FTPS services to return the timestamp in UTC for MLSD and MLST commands.
  • Fixed the FTP and FTPS services to not return hidden files in response to the LIST command.